Intelius - Raskinhttp://blog.intelius.com/taxonomy/term/95/0
enThe latest scam YOU need to be aware of: 'tabnabbing'http://blog.intelius.com/latest-scam-you-need-be-aware-tabnabbing
<p>Think ‘tabnabbing’ sounds like the latest prank involving filing
supplies and the office clown? Think again.&nbsp; Tabnabbing (also referred
to as tabnapping) is a new type of phishing attack that is sweeping the
internet.&nbsp; Most phishing scams rely on you clicking on an imbedded link
or downloading a file you find in a suspect email, sketchy website or a
pop up window.&nbsp; Tabnabbing occurs in the background after your focus
shifts away from a malicious or compromised site.&nbsp; &nbsp;</p><p>“What we
don’t expect is that a page we’ve been looking at will change behind our
backs, when we aren’t looking. That’ll catch us by surprise,” Said Aza
Raskin, Firefox's creative lead who identified the attack.&nbsp; “Most people
keep multiple tabs open, often for long periods.” </p><p>This
attack uses JavaScript to discretely change the contents of an open but
not active tab in your browser to look like the log-in screen of a bank,
credit card company, popular retail site, social networking site or
email provider.&nbsp; This page transformation only occurs after the page
becomes “inactive” while a victim moves to another tab or open program.
The scammers are relying on users thinking they left a login page tab
open.&nbsp; &nbsp;</p><p>"When they click back to the fake tab, they'll see
the standard Gmail log-in page, assume they've been logged out, and
provide their credentials to log in," says Raskin. </p><p>Raskin was
able to recreate “tabnabbing” on his own blog to show users what to
look for.&nbsp; You can try it <a href="http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/" target="_new">here</a>.
After clicking the link, open a new tab, or simply click away from the
page for a few seconds and then go back to the original tab.&nbsp; While the
URL hasn’t changed, the original blog content you saw only moments ago
has been replaced with what appears to be a Gmail login page.&nbsp; In this
case the Gmail login page is just an image; however, in the case of an
actual tabnabbing attack the page will be a functional login form. </p><p>In
an actual attack after the user enters their login information, it’s
sent it back to the attacker, and then the victim redirected back to the
site they think they are logging into. This often goes completely <br />undetected
because often the victim was never logged out in the first place, and
it will simply appear as if the login was successful, never realizing
that they just handed over the all credentials the attacker needed to
access their account.&nbsp; &nbsp;</p><p>It is even possible for attackers to
detect which sites are in your history as well as what sites you are
currently logged into and then customize the fake page to resemble a
site you often use or are currently logged into, making this form of
attack extremely effective and difficult to detect.&nbsp; All major browsers
are susceptible to this attack. &nbsp;</p><p>Here’s what to watch for and
how to avoid a potential tabnabbing attack and keep your identity,
information, and login credentials safe:<br /><br /><strong>Don't log-in on a
tab that you haven't opened yourself.</strong> Since the tabnabbing tactic
banks on you trusting that you opened the tab -- and that the site
simply timed out -- the best defense is this offensive move. In other
words, if you see a tab that contains a seemingly-legit log-in form,
close it, then head to the site yourself in a new tab. </p><p><strong>Enable
browser settings and filters that will alert you to potential attacks.</strong>
For Internet Explorer (IE) use SmartScreen. In Firefox and Chrome it's
called "Phishing and Malware Protection;" Safari doesn't give it a name,
but offers a setting that reads, "Warn when visiting a fraudulent
website" in the Security section of its Preferences settings. </p><p><strong>Look
at the URL in your browser's address bar before filing in any</strong> form
or giving out any personal information and verify the URL matches the
login page. If there’s a discrepancy, close the tab <br />immediately. </p><p><strong>Use
a password manager.</strong> Third-party browser password managers like <a href="http://www.roboform.com/" target="_new">RoboForm</a> for Windows or <a href="http://agilewebsolutions.com/products/1Password" target="_new">1Password</a>
for Mac link saved log-in usernames and passwords to a specific URL.
When you save the username and password on the log-in page of the
legitimate site, the password manager won't auto enter the username and
password into a non-matching URL which should alert you to a possible
tabnabbing attempt. </p><p>For more info on avoiding Tabnapping read
ComputerWorld’s <a href="http://www.computerworld.com/s/article/9177398/How_to_foil_Web_browser_tabnapping_" target="_new">How
to Foil Web Browser Tabnapping. </a></p><div class="comment-link"><a href="/latest-scam-you-need-be-aware-tabnabbing#comments">2 comments</a> &ndash; <a href="/latest-scam-you-need-be-aware-tabnabbing#comments">Read/add comments</a></div><div class="service-links"><div class="service-label">Bookmark/Search this post with: </div><ul class="links"><li class="service_links_delicious first"><a href="http://del.icio.us/post?url=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;title=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Bookmark this post on del.icio.us." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/delicious.png" alt="Delicious" /> Delicious</a></li>
<li class="service_links_digg"><a href="http://digg.com/submit?phase=2&amp;url=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;title=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Digg this post on digg.com." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/digg.png" alt="Digg" /> Digg</a></li>
<li class="service_links_stumbleupon"><a href="http://www.stumbleupon.com/submit?url=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;title=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Thumb this up at StumbleUpon." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/stumbleit.png" alt="StumbleUpon" /> StumbleUpon</a></li>
<li class="service_links_propeller"><a href="http://www.propeller.com/submit/?U=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;T=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Submit to Propeller." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/propeller.png" alt="Propeller" /> Propeller</a></li>
<li class="service_links_reddit"><a href="http://reddit.com/submit?url=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;title=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Submit this post on reddit.com." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/reddit.png" alt="Reddit" /> Reddit</a></li>
<li class="service_links_magnoliacom"><a href="http://ma.gnolia.com/bookmarklet/add?url=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;title=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Submit this post on ma.gnolia.com." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/magnoliacom.png" alt="Magnoliacom" /> Magnoliacom</a></li>
<li class="service_links_furl"><a href="http://www.furl.net/storeIt.jsp?u=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;t=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Submit this post on furl.net." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/furl.png" alt="Furl" /> Furl</a></li>
<li class="service_links_facebook"><a href="http://www.facebook.com/sharer.php?u=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;t=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Share on Facebook." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/facebook.png" alt="Facebook" /> Facebook</a></li>
<li class="service_links_google"><a href="http://www.google.com/bookmarks/mark?op=add&amp;bkmk=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;title=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Bookmark this post on Google." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/google.png" alt="Google" /> Google</a></li>
<li class="service_links_yahoo"><a href="http://myweb2.search.yahoo.com/myresults/bookmarklet?u=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing&amp;t=The+latest+scam+YOU+need+to+be+aware+of%3A+%27tabnabbing%27" title="Bookmark this post on Yahoo." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/yahoo.png" alt="Yahoo" /> Yahoo</a></li>
<li class="service_links_technorati last"><a href="http://technorati.com/cosmos/search.html?url=http%3A%2F%2Fblog.intelius.com%2Flatest-scam-you-need-be-aware-tabnabbing" title="Search Technorati for links to this post." rel="nofollow"><img src="/sites/all/modules/contrib/service_links/images/technorati.png" alt="Technorati" /> Technorati</a></li>
</ul></div><p><a href="http://blog.intelius.com/latest-scam-you-need-be-aware-tabnabbing" target="_blank">read more</a></p>http://blog.intelius.com/latest-scam-you-need-be-aware-tabnabbing#commentsCyber CrimesCyber SafetyCyber Securityhackingidentity theftInteliusphishingRaskinScamtabnabbingtabnappingFri, 11 Jun 2010 01:55:00 +0000drupal_admin247 at http://blog.intelius.com